Acme Internet 800-332-0990
 DOMAIN SEARCH
 

RESERVE A DOMAIN

  Resellers
  IT Solutions
  Site Design
  Contact Us
 
 ? Tech Support
Web-based mail WebMail Login

 

 
 NETWORK NOTICES

 

Last Updated: 09/21/2004 04:17 PM


Update on mail bomb DoS Attack

Dear Acme Internet Customer,

You may be aware that during the late evening/early morning hours of 9/20-9/21 the SMTP portion of Acme Internet’s email system was subjected to an ongoing and increasingly severe denial of service (DoS) attack in the form of an SMTP mail bomb. We would like to update you on the status of this attack as well as inform you of the steps we are taking to minimize further DoS disruptions. (Please see the Questions & Answers section at the end of this notice for full information.)

A mail server (SMTP/POP etc) can fail if it is "mail bombed". This is the act of recklessly consuming all available server resources on the target email system by sending an unusually large volume of messages and/or messages that are extremely large in size. Mail bombs disrupt service to all mail server customers and are called a denial of service attack. It is illegal.

Acme Internet has identified the origin of the mail bomb, another large ISP located in the US (in a neighboring state to our own). A misconfiguration on that ISP’s mail system was responsible for creating a situation that resulted in a DoS on several remote mail servers belonging to other ISP's in addition to Acme Internet’s SMTP servers.

Acme Internet has blocked this ISP's network addresses from our routers. We have also notified their network staff via phone of the misconfiguration on their mail servers that resulted in the DoS situation. They have assured us that they will work to resolve the issue caused by their mail system.

Acme Internet appreciates your patience and sincerely apologizes for any disruption in sending or receiving email you may have encountered as a result of the DoS attack. No customer data was compromised at any time during the attack.

For additional information, or answers to questions not covered in the Q&A section below, please contact Acme Internet Customer Support at 800-332-0990. Please be aware that due to a high volume of calls regarding this service disruption, you may experience longer than average hold times.

Once again, we thank you for your patience and concern while we continue to fight these unforeseen and malicious DoS attacks.

Sincerely,
Acme Internet

Questions and Answers Regarding DoS Attack targeted at Acme Internet’s SMTP Server.

Q. What is a denial of service (DoS) attack?
A. On the Internet, a denial of service (DoS) attack is an incident in which a user or organization is deprived of the services of a resource they would normally expect to have. Typically, the loss of service is the inability of a particular network service, such as e-mail, to be available or the temporary loss of network connectivity and services. DoS incidents routinely target large Internet companies including Yahoo, Amazon.com and CNN.com. Unfortunately, DoS attacks are regarded as a part of the risk that is assumed when doing business via the Internet.

Q. Why were Acme Internet’s SMTP servers being targeted?
A. Incidents of this magnitude often happen to companies of our size. We were not singled out for any particular reason. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. However, like viruses, malicious users, clueless users with poorly configured PC’s or sloppy network administrators that run insecure systems, are constantly spawning new varieties of DoS attacks.

Q. What strategies does Acme Internet use to protect its servers from DoS attacks?
A. Acme Internet employs a number of industry standard hardware and software tools and strategies as a defense against DoS attacks. In the past, these methods have successfully protected our servers. However, this recent attack was unprecedented in its severity and tenacity, which led to intermittent disruptions in the availability of the SMTP service for many Acme Internet customers for several hours during the early AM hours of 9/21. In response to this latest attack, Acme Internet has aggressively implemented additional layers of protection and blocked all traffic from the source of the attack.

11/18/2003 9:49am
Thanksgiving Holiday
Acme Internet is maintaining a holiday schedule on Thursday, November 27th for Thanksgiving.  What's a holiday schedule?  That's when our staff reports to work for several hours on a national holiday to take advantage of the opportunity to upgrade the network when system usage is assured to be low.  Numerous servers are slated for memory upgrades, hardware improvements and software patches/updates.

Notably, a few minor mail server upgrades and patches are tentatively planned over the holiday weekend.  However, we realize that Email is the #1 most highly utilized service over a holiday for extremely valued personal communications with friends and family.  With that in mind, all Email server maintenance will be deferred to off-hours and status will be posted here.  We do not anticipate any noticeable disruption to email service while we update the system.

Phone support - Phone support for routine customer service, billing or non-mission critical inquiries will not be available on Thanksgiving, However priority response technical assistance with any confirmed system-wide outages will remain available 24x7 via our Help Desk.

 

11/07/2001 9:05pm
All Systems Are Go
No significant system-wide outages since June.  The network is healthy and operational. Construction on Acme Internet's new server room is complete.


07/03/2001 8:21pm
WEB SERVER IP ADDRESS UPDATES
Web sites with IP addresses in the range of 38.152.102.150 through 38.152.102.190 have been assigned new IP addresses on our new network.  The renumbered servers also received an upgrade to FrontPage 2002 Server Extensions.


06/14/2001 1:10pm
CHANGES TO PRIMARY and SECONDARY DNS SERVERS
The Domain Name Server on Acme's Network have been assigned IP addresses on the new segment of our network.

The old DNS Server addresses were:

    Primary:  NS.ACMEINFO.COM   38.152.102.2
Secondary: NS2.ACMEINFO.COM  38.152.102.3

The NEW DNS SERVER Addresses are:

    Primary:   NS.ACMEINFO.COM   207.195.199.2
Secondary: NS2.ACMEINFO.COM   207.195.199.3


06/13/2001 3:45pm
Fiber cut results in outage.
Three large fiber trunks carrying approx. 600 T1 circuits to the Qwest telco Central Office were cut.  This fiber cut affected two of the three connections we have to the Internet backbone.  This resulted in an outage that affected an estimated 80% of our customers.  Qwest has agreed to prepare a statement explaining how and why the outage occurred.  This information will be shared with all users on our network.


05/29/2001 8:00pm
Phase I of move to new Network Center completed successfully.
All Systems are Go following our move to our new facility over the Memorial Day weekend.  This move affected our dedicated server hosting customers and our technical support, customer service and sales staff.


05/20/2001 11:58pm
FTP Server upgraded
FTP Server ftp.acmeinfo.com upgraded to Serv-U 3.0


02/13/2001  8:45pm  Email Server updated to IMail Server version 6.05
Included some fixes to Web Messaging, the email server and security updates.

 

Acme Internet is a Microsoft Certified Partner

 

 
Powered by Windows 2000 Server

Acme Internet™
3601 Minnesota Drive, Suite 625 - Minneapolis, MN  55435
(800) 332-0990 / (952) 928-8828
support@acmeinternet.com

 Free Domain Name Parking
Copyright © Acme Internet 2003